Breaking Down the Barriers of Citizen Development

According to Gartner, citizen development efforts will expand significantly through 2020, but the space is still evolving.

We’ve been writing a lot about citizen development here on The Fast Track, so naturally I was intrigued when I came across Gartner vice president and research director Mark Driver’s new report, Citizen Development is Fundamental to the Digital Workplace [Gartner Inc., August 17, 2015]. Driver suggested that as employee digital dexterity grows, more individuals and teams will develop their own, increasingly complex applications – with both positive and negative implications for organizations.

Mark said that the enterprise must actively encourage citizen development rather than trying to shut it down. Ideally, citizen development should be part of a broader workplace strategy to boost employee engagement, and policies and procedures must be put in place to ensure that it operates smoothly.

His recommendations included defining the domain of citizen development efforts to be enabled and managed under enterprise IT guidelines and establishing criteria to identify and monitor more critical citizen development activities.

I recently had the opportunity to speak with Mark about the different areas of interest from our readers around citizen development – namely: security, infrastructure, and starting from scratch.

Security

I wondered how organizations maintain secure IT infrastructures while encouraging citizen development.

Mark shared my view that security is a major challenge. Most companies he’s observed are not doing a particularly good job of it, struggling mightily with issues of governance and control. Citizen development is inherently risky because data that’s managed in a variety of disparate locations is more vulnerable. For instance, someone could put a million Social Security numbers on a laptop that’s left at the airport.

According to Driver, programs involving a true partnership between IT, the citizen developers, and end users are more secure, because unlike in the case of shadow IT, there is greater transparency.

He also mentioned that security issues related to citizen development tend to be very context sensitive, with everything written in pencil. And the amount of governance that’s required really depends on the level of integration with enterprise services. Standalone apps are less likely to cause problems so the business unit could potentially get by with minimal IT involvement.

Infrastructure

On a related note, can citizen development happen on any platform or does it need to occur within the confines of the established IT infrastructure?

Contrary to popular belief, citizen development has been going on for decades with some degree of friction between corporate IT and business unit developers. But according to Mark, there was a natural limit to how bad it could get because you couldn’t just slip in a purchase order for a $40K server. IT groups were aware of development efforts even if politics tried to keep them out of it.

Now, though, with the opportunity of SaaS and the cloud, there is a wide range of tools available to citizen developers. It’s cheap and easy for anyone to build an app, and the truth is, IT wants to hand over some of the more basic app dev responsibilities to the business unit. Like anyone, CIOs just don’t want to be surprised.

Starting from Scratch

So how do you institute a citizen development program where none has existed before? Per Mark, it’s all about education and lots of it. You have to get all of your stakeholders together, make sure everyone understands the motive and the opportunity, and create a policy that outlines the required people, processes, and technologies for different types of projects. Be prepared that IT governance and oversight will likely vary depending on an app’s complexity and scope, and an app that starts in a business unit may need to eventually transition to IT.

Establish a liaison between core IT and the business unit and keep an open line of communication. Your goal should be to promote partnership at all times so that you avoid the shadow IT phenomenon and keep everyone on the same team.